This article was originally distributed via PRWeb. PRWeb, WorldNow and this Site make no warranties or representations in connection therewith.
With concerns raised recently about the security of using mobile banking applications, faculty experts in the University of Maryland's Robert H. Smith School of Business give advice for controlling associated risk.
College Park, Md. (PRWEB) February 05, 2014
Security-assessment firm IOActive recently identified security flaws in 40 mobile banking applications for iPhone and iPad that are used by some of the world's leading financial institutions.
The alarm coincides with recent data showing that more than half of smartphone users on both the iOS and Android platforms frequently use their banks mobile site or app.
Faculty experts in the University of Marylands Robert H. Smith School of Business say the risks can be mitigated.
Among the IOActive findings, all tested apps could be installed on jailbroken phones, which nullifies the device's built-in security features. Also, about half the apps were susceptible to cross-site scripting, a hacking method that prompts users to re-enter their username and password.
Bill Rand, assistant professor of marketing and computer science, and director of Smith's Center for Complexity in Business, suggests these safeguards for consumers:
No security system is perfect, Rand says. The endgame here is to make the degree of difficulty high enough to dissuade the attacker.
On the positive side, the ability to audit your own financial accounts online, 24 hours a day, rather than having to go to a bank in person to audit transactions, increases your overall financial security, he says. In the end, the convenience of online banking probably outweighs the risk to consumers, who ultimately must weigh that decision for themselves.
Banks should be assessing themselves as well. The (IOActive) findings, if accurate, suggest the banks have underestimated the probability of potential cybersecurity breaches associated with their mobile apps, said Lawrence Gordon, Smith's EY Alumni Professor of Managerial Accounting. Under this scenario, the Gordon-Loeb Model for Cybersecurity Investments would suggest that the banks are underinvesting in cybersecurity.
(The model, a guide to calculating a firms optimal investment for information security, was established by Gordon and Smith colleague Martin Loeb, professor of accounting and information assurance and Deloitte and Touche LLP Faculty Fellow.)
Rand, who uses computer models to help understand various complex systems including financial systems, suburban sprawl and traffic patterns, is available for further comment at wrand(at)rhsmith(dot)umd(dot)edu or 301-405-7229.
About the University of Maryland's Robert H. Smith School of Business
The Robert H. Smith School of Business is an internationally recognized leader in management education and research. One of 12 colleges and schools at the University of Maryland, College Park, the Smith School offers undergraduate, full-time and part-time MBA, executive MBA, online MBA, MS in business, PhD and executive education programs, as well as outreach services to the corporate community. The school offers its degree, custom and certification programs in learning locations in North America and Asia.
For the original version on PRWeb visit: http://www.prweb.com/releases/2014/02/prweb11550959.htm
Information contained on this page is provided by an independent third-party content provider. WorldNow and this Station make no warranties or representations in connection therewith. If you have any questions or comments about this page please contact firstname.lastname@example.org.